X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-graphadmin%2Fvalues.yaml;h=6f372f9bd9fc51f174b63c94188a9e593f81ea72;hb=116dcb01068e8ab4e79642f2affd7e8a2952307e;hp=ee0a20b367c7d665bf42fdad6451274bd369d6d6;hpb=8c680e425b8d318a5152a54e97b80bdb40bdb4be;p=oom.git
diff --git a/kubernetes/aai/components/aai-graphadmin/values.yaml b/kubernetes/aai/components/aai-graphadmin/values.yaml
index ee0a20b367..6f372f9bd9 100644
--- a/kubernetes/aai/components/aai-graphadmin/values.yaml
+++ b/kubernetes/aai/components/aai-graphadmin/values.yaml
@@ -4,6 +4,7 @@
 # ================================================================================
 # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
 # Copyright (c) 2020 Nokia Intellectual Property. All rights reserved.
+# Copyright (c) 2020-2021 Orange Intellectual Property. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -23,25 +24,150 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 - readinessImage: onap/oom/readiness:3.0.1 + cassandra: + #This will instantiate AAI cassandra cluster, default:shared cassandra. + localCluster: false + initContainers: + enabled: true + jobs: + # When enabled, it will create the schema based on oxm and edge rules + createSchema: + enabled: true + #migration using helm hooks + migration: + enabled: false + config: + + # Specifies that the cluster connected to a dynamic + # cluster being spinned up by kubernetes deployment + cluster: + cassandra: + dynamic: true + # Specifies if the basic authorization is enabled + basic: + auth: + enabled: true + username: AAI + passwd: AAI + + # Notification event specific properties + notification: + eventType: AAI-EVENT + domain: dev + + # Schema specific properties that include supported versions of api + schema: + # Specifies if the connection should be one way ssl, two way ssl or no auth + # will be set to no-auth if tls is disabled + service: + client: one-way-ssl + # Specifies which translator to use if it has schema-service, then it will + # make a rest request to schema service + translator: + list: schema-service + source: + # Specifies which folder to take a look at + name: onap + uri: + # Base URI Path of the application + base: + path: /aai + version: + # Current version of the REST API + api: + default: v26 + # Specifies which version the depth parameter is configurable + depth: v11 + # List of all the supported versions of the API + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 + # Specifies from which version related link should appear + related: + link: v11 + # Specifies from which version the app root change happened + app: + root: v11 + # Specifies from which version the xml namespace changed + namespace: + change: v12 + # Specifies from which version the edge label appeared in API + edge: + label: v12 + + # Specifies 
which clients should always default to realtime graph connection + realtime: + clients: SDNC,MSO,SO,robot-ete + +################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-graphadmin-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: aai + fqi: aai@aai.onap.org + public_fqdn: aai.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.aai + user_id: &user_id 1000 + group_id: &group_id 1000 + aaf_add_config: | + echo "*** changing them into shell safe ones" + export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export KEYSTORE_JKS_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + cd {{ .Values.credsPath }} + keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \ + -storepass "${cadi_keystore_password_p12}" \ + -keystore {{ .Values.fqi_namespace }}.p12 + keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \ + -storepass "${cadi_truststore_password}" \ + -keystore {{ .Values.fqi_namespace }}.trust.jks + keytool -storepasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \ + -storepass "${cadi_keystore_password_jks}" \ + -keystore {{ .Values.fqi_namespace }}.jks + echo "*** set key password as same password as keystore password" + keytool -keypasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \ + -keystore {{ .Values.fqi_namespace }}.jks \ + -keypass "${cadi_keystore_password_jks}" \ + -storepass "${KEYSTORE_JKS_PLAIN_PASSWORD}" -alias {{ .Values.fqi }} + echo "*** writing passwords into prop file" + echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop + echo 
"KEYSTORE_JKS_PLAIN_PASSWORD=${KEYSTORE_JKS_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop + echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -repository: nexus3.onap.org:10001 -image: onap/aai-graphadmin:1.7.1 +image: onap/aai-graphadmin:1.9.3 pullPolicy: Always restartPolicy: Always flavor: small flavorOverride: small # default number of instances replicaCount: 1 +# the minimum number of seconds that a newly created Pod should be ready +minReadySeconds: 30 +updateStrategy: + type: RollingUpdate + # The number of pods that can be unavailable during the update process + maxUnavailable: 0 + # The number of pods that can be created above the desired amount of pods during an update + maxSurge: 1 # Configuration for the graphadmin deployment config: # Specify the profiles for the graphadmin microservice profiles: - active: "dmaap,one-way-ssl" + # one way ssl profile will be set unless tlsEnabled is set to false or serviceMesh is enabled and + # serviceMesh.tls is set to tru + active: dmaap #,one-way-ssl" # Specifies the timeout limit for the REST API requests timeout: @@ -110,10 +236,11 @@ readiness: service: type: ClusterIP # REST API port for the graphadmin microservice - portName: aai-graphadmin-8449 + portName: http internalPort: 8449 - portName2: aai-graphadmin-5005 + portName2: tcp-5005 internalPort2: 5005 + terminationGracePeriodSeconds: 120 ingress: enabled: false @@ -156,3 +283,18 @@ resources: cpu: 1 memory: 2Gi unlimited: {} + +# Not fully used for now +securityContext: + user_id: *user_id + group_id: *group_id + +#Pods Service Account +serviceAccount: + nameOverride: aai-graphadmin + roles: + - read +#Log configuration +log: + path: /var/log/onap +logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
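Review bot: The added `basic: auth:` block ships `username: AAI` / `passwd: AAI` with `enabled: true`, and `certInitializer.aafDeployPass: demo123456!` is in plain text while `aafDeployCredsExternalSecret` stays commented out, so an install that overrides nothing runs with credentials published in this file. I would add a comment above each, such as `# demo default only; override or supply aafDeployCredsExternalSecret outside lab installs`, and prefer sourcing them from a Secret; the templates that consume these values are not visible here. In `aaf_add_config` the regenerated store passwords land in `mycreds.prop` with whatever umask the init container has; `chmod 600 {{ .Values.credsPath }}/mycreds.prop` before the `chown -R` would keep it owner-only, assuming the application reads it as `user_id`. The `active: dmaap #,one-way-ssl"` line keeps a stray quote in its trailing comment, and the comment above it ends in `tru`.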
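Review bot: Naming the 8449 port `http` declares a plaintext protocol to anything that selects on port names, as service meshes do, yet the comment added in the profiles hunk says the one-way-ssl profile is still applied unless TLS is disabled, so the name and the wire protocol can disagree. A comment above `portName` such as `# port name is protocol-significant under a service mesh; keep in sync with the TLS profile` would make the dependency visible, or the name could be templated on the TLS setting; the service template is outside this diff, so this is inferred. Port 5005 stays exposed under the new name `tcp-5005`; if that is a JVM debug listener, it deserves a value that turns it off by default.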
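Review bot: `securityContext.user_id: *user_id` and `group_id: *group_id` are YAML aliases of the anchors under `certInitializer`, and aliases are resolved when this file is parsed, so overriding `certInitializer.user_id` at install time does not change `securityContext.user_id`. The `chown` at the end of `aaf_add_config` could then hand the credentials directory to a different uid than the one the pod is meant to run as. I would document that above the block, e.g. `# aliases certInitializer.user_id/group_id; override both keys together`, and replace `# Not fully used for now` with a statement of which templates read it, which this diff does not show.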